[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#848347: don't mess with gosa.conf on package upgrades

On 18-12-16 17:40, Wolfgang Schweer wrote:
On Sun, Dec 18, 2016 at 04:37:08PM +0100, Petter Reinholdtsen wrote:
[Holger Levsen]
users can edit files in /etc and this will make dpkg prompt, yes.

I guess my question was unclear.  I am not talking about users editing
files in /etc/, but Gosa admins using the web interface to configure
Gosa and the web service modifying files in /etc/ behind the scene.  If
so, this causes conffile questions which confuses the people who never
modified the conffile manually.

Is Gosa capable of modifying gosa.conf in /etc/ from the web interface?

As far as I can tell: No. Although discouraged to a high degree, admins
can change properties contained in gosa.conf via the web interface. But
all changes done this way go into LDAP. The file gosa.conf can be
changed by root only.


I haven't really followed the discussion, but I know one use of modifying gosa.conf as root is to allow editable usernames in the web-interface. I'm sure I use that modification and I'm pretty sure there's another one.

" If you don't like the generated username you can select another username offered in the drop-down box, but you do not have a free choice here in the wizard. (If you want to be able to edit the proposed username, open /etc/gosa/gosa.conf with an editor and add allowUIDProposalModification="true" as an additional
   option to the "location definition".)"


"That's a known issue. Just remove the complete sambaHashHook item from
gosa.conf; be carefull to not delete the closing ">".

- sambaHashHook='perl -MCrypt::SmbHash -e "print join(q[:], ntlmgen %password), $/;"'

     <!-- Location definition -->
     <location name="Debian Edu"

The issue has been added to the updated manual; see:



So, I'm not sure how this influences the discussion, but there are legitimate uses to modified gosa.conf files.



Reply to: